Thank you for the reply Tharindu. This helps but not exactly what I wanted to know.
I am trying to add an external IdP to IS, for which I have written an XML based IdP configuration that goes under repository/conf/identity/identity-providers. I already have the public cert from the external IdP and I am worried about how to include that in the aforesaid XML config. There is a tag named <Certificate> in a sample IdP config, but adding the certificate directly there or adding the encoded value hasn't worked for me so far. Do we have a sample XML config that can help here? Thanks, On Thu, Jul 28, 2016 at 5:37 PM, Tharindu Edirisinghe <[email protected]> wrote: > Hi Gayan, > > Here's a sample command if the IDP is WSO2 Identity Server where you can > export the public certificate in PEM format. > > > > *keytool -exportcert -alias wso2carbon -keypass wso2carbon -keystore > wso2carbon.jks -storepass wso2carbon -rfc -file ispublic_crt.pem* > Then, the certificate file, you can open with a notepad so you see the > certificate value. Sample is below. > > -----BEGIN CERTIFICATE----- > > > > > > > > > > > *MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=* > -----END CERTIFICATE----- > > You can copy this certificate value (highlight above) and put in the file. > > Note that above is only if the IDP is WSO2 IS. If the IDP is a third party > IDP, then you can get the certificate in PEM format and read the value. > > Regards, > TharinduE > > On Thu, Jul 28, 2016 at 7:22 PM, Gayan Yalpathwala <[email protected]> > wrote: > >> Hi devs, >> >> I have a file based IdP configuration in which I need to add the public >> certificate of the IdP. I have tried by adding the certificate content as >> it is, under the <Certificate> tag, and also tried with the base64 encoded >> version of the same, with no luck. What is the correct way to add this >> configuration? >> >> Thanks, >> >> -- >> *Gayan Kaushalya Yalpathwala* >> Software Engineer >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> LK: +94 71 868 2704 >> UK: +44 747 844 3609 >> >> <http://asia14.wso2con.com/> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > Tharindu Edirisinghe > Senior Software Engineer | WSO2 Inc > Platform Security Team > Blog : tharindue.blogspot.com > mobile : +94 775181586 > -- *Gayan Kaushalya Yalpathwala* Software Engineer WSO2 Inc.; http://wso2.com lean.enterprise.middleware LK: +94 71 868 2704 UK: +44 747 844 3609 <http://asia14.wso2con.com/>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
